a6e98c879516f96a8ce34e87676412458dbd0e76c8750834a78bfc4ff4cb88e5

Analysis

max time kernel
21s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
12/10/2024, 14:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3a6cbc33b046454227b0c866c29dec74_JaffaCakes118.apk
Size

1.1MB
MD5

3a6cbc33b046454227b0c866c29dec74
SHA1

9f7b94c831ee652755b535c411507946b2a9274c
SHA256

a6e98c879516f96a8ce34e87676412458dbd0e76c8750834a78bfc4ff4cb88e5
SHA512

62f2eb17ad91c5572f75d28c2a194ef80de77b97721b7bd63944873db99d1575af5b86b1c4b22d81a5d450c08fb1424f55f75271eb5b7699fe3026c6d7559abe
SSDEEP

24576:d9Bg/AKnp8gikde5zSak80sNpKDQTXczTuw:dHfse5zRracozTuw

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4971	com.elfswipe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.elfswipe

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.elfswipe
1⤵
- Removes its main activity from the application launcher
- Queries information about active data network
PID:4971

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.elfswipe/databases/du_ad_ts.db

Filesize
20KB

MD5
4494c2a6b853b4370ae00ebcf78e7ce3

SHA1
a98b73ad5baad8c8ad49777b901fd48f1f65d0c6

SHA256
f66a1388a680cd92cdf1d48f0ad966cd3141592e0d3a59bf29a8201cd0b4dca2

SHA512
8205934d0c1272948cc08a5b1aaab1eccd77292b61273294b0742b2457c665ac4968cb208182c30d3ca0ea7de1b562672b34e3a06c49197398b9245099fb79f7

Download Submit
/data/data/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
512B

MD5
f990834239c84f66f23849395511c11c

SHA1
7cf4eb71b8d5e080642e38570ebfaf02b98c22e6

SHA256
5dcaf7661432ac9cb54bfaf578a4e48ea68773c473a9d8804f668aba5160ed45

SHA512
6269b63d3c0b70ba3bb197087c43e3c00dd74d383ad4f424542e2ae198c63432536619735491a90907f0a5e834254f55216bfe6101cb208dfe1008b22b0ad1e4

Download Submit
/data/data/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
8KB

MD5
cfcc2e07f1ef0b2e4c59671d140217cf

SHA1
6fd8ea8f7fdc5307881433bd8fd080583e7a40bd

SHA256
572b4a0c908a3cc5aea5231000a822a0c3baa00ccf7199a9c32adaacddd94d14

SHA512
63b8368803be016b51db4da09aea649ccf1301349996d92838f205860b48a57f121db03a522fb7425f3ea6a333ed45f8ad8ec53b1049b1f45b52ce3e4c14b19f

Download Submit
/data/data/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
8KB

MD5
9a9065f46df006f9d05490503f301d1b

SHA1
33a9bc174360c54389b8bbae9181c822d64df571

SHA256
a0983c76f337b33e014b75ebc56ad270de895e1e220b0a8030521a3065379294

SHA512
9933294024e6f4d649d1e06e5ddc96fb2418d0e33a636ccabb21dc09444f512e6338b56ee04b80f99ea2ed9f1d85058f5590406482d19e99faea105b81114f00

Download Submit
/data/data/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
12KB

MD5
7755a86d274f86ced80ff148c42e776f

SHA1
13191552b4206b0d80f1f4e5aca4914cd7ac5de3

SHA256
75586230d30606fd6f4040c02150addc318edbf9c4d47038324118cdcb9b4991

SHA512
8aee4d5ba340f81d04220cebd7352e19087fc3b027918e4024ac920068ae204c643bf61872caba736d4f3bbc643235fe76aaa4ca16445f1e05a47ef3b4e6619c

Download Submit